
Example 51 with OAuth2Request

Use of org.springframework.security.oauth2.provider.OAuth2Request in project ORCID-Source by ORCID.

Class OrcidTokenStoreServiceTest, method testReadAuthentication.

@Test
@Transactional
public void testReadAuthentication() throws Exception {
    OAuth2Authentication oAuth2Authentication = orcidTokenStoreService.readAuthentication("persistent-token-2");
    assertNotNull(oAuth2Authentication);
    OAuth2Request oAuth2Request = oAuth2Authentication.getOAuth2Request();
    assertNotNull(oAuth2Request);
    Object principal = oAuth2Authentication.getPrincipal();
    assertNotNull(principal);
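    // isClientOnly() is true when there is no user authentication behind the token;
    // this stored token must be bound to a user.
    assertTrue(!oAuth2Authentication.isClientOnly());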
}
Also used : OAuth2Request(org.springframework.security.oauth2.provider.OAuth2Request) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) DBUnitTest(org.orcid.test.DBUnitTest) Test(org.junit.Test) Transactional(org.springframework.transaction.annotation.Transactional)

Example 52 with OAuth2Request

Use of org.springframework.security.oauth2.provider.OAuth2Request in project ORCID-Source by ORCID.

Class OrcidSecurityManagerImpl, method checkScopes.

@Override
public void checkScopes(ScopePathType requiredScope) {
    // Verify the client is not a public client
    checkClientType();
    OAuth2Authentication oAuth2Authentication = getOAuth2Authentication();
    OAuth2Request authorizationRequest = oAuth2Authentication.getOAuth2Request();
    // Scopes carried by the OAuth2Request behind the current authentication
    Set<ScopePathType> requestedScopes = ScopePathType.getScopesFromStrings(authorizationRequest.getScope());
    // Allow the call as soon as one of those scopes satisfies the required scope
    for (ScopePathType scope : requestedScopes) {
        if (scope.hasScope(requiredScope)) {
            return;
        }
    }
    // No scope matched: deny by default
    throw new OrcidAccessControlException();
}
Also used : OAuth2Request(org.springframework.security.oauth2.provider.OAuth2Request) ScopePathType(org.orcid.jaxb.model.message.ScopePathType) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) OrcidAccessControlException(org.orcid.core.exception.OrcidAccessControlException)

Example 53 with OAuth2Request

Use of org.springframework.security.oauth2.provider.OAuth2Request in project ORCID-Source by ORCID.

Class OrcidSecurityManagerImpl, method isNonClientCredentialScope.

private boolean isNonClientCredentialScope(OAuth2Authentication oAuth2Authentication) {
    OAuth2Request authorizationRequest = oAuth2Authentication.getOAuth2Request();
    Set<String> requestedScopes = ScopePathType.getCombinedScopesFromStringsAsStrings(authorizationRequest.getScope());
    // True as soon as one scope on the request is not a client-credential scope
    for (String scopeName : requestedScopes) {
        ScopePathType scopePathType = ScopePathType.fromValue(scopeName);
        if (!scopePathType.isClientCreditalScope()) {
            return true;
        }
    }
    // Every scope on the request is a client-credential scope
    return false;
}
Also used : OAuth2Request(org.springframework.security.oauth2.provider.OAuth2Request) ScopePathType(org.orcid.jaxb.model.message.ScopePathType)

Example 54 with OAuth2Request

Use of org.springframework.security.oauth2.provider.OAuth2Request in project ORCID-Source by ORCID.

Class OrcidSecurityManagerImpl, method getClientIdFromAPIRequest.

@Override
public String getClientIdFromAPIRequest() {
    SecurityContext context = SecurityContextHolder.getContext();
    Authentication authentication = context.getAuthentication();
    // Only an OAuth2 authentication carries the client id of the calling client
    if (authentication != null && OAuth2Authentication.class.isAssignableFrom(authentication.getClass())) {
        OAuth2Authentication oAuth2Authentication = (OAuth2Authentication) authentication;
        OAuth2Request request = oAuth2Authentication.getOAuth2Request();
        return request.getClientId();
    }
    // No OAuth2 authentication in the security context: callers must handle null
    return null;
}
Also used : OAuth2Request(org.springframework.security.oauth2.provider.OAuth2Request) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) Authentication(org.springframework.security.core.Authentication) SecurityContext(org.springframework.security.core.context.SecurityContext)

Example 55 with OAuth2Request

Use of org.springframework.security.oauth2.provider.OAuth2Request in project ORCID-Source by ORCID.

Class SecurityContextTestUtils, method setUpSecurityContext.

public static void setUpSecurityContext(String userOrcid, String clientId, ScopePathType... scopePathTypes) {
    SecurityContextImpl securityContext = new SecurityContextImpl();
    OrcidOAuth2Authentication mockedAuthentication = mock(OrcidOAuth2Authentication.class);
    securityContext.setAuthentication(mockedAuthentication);
    SecurityContextHolder.setContext(securityContext);
    ProfileEntity userProfileEntity = new ProfileEntity(userOrcid);
    when(mockedAuthentication.getPrincipal()).thenReturn(userProfileEntity);
    Authentication userAuthentication = mock(Authentication.class);
    when(userAuthentication.getPrincipal()).thenReturn(userProfileEntity);
    when(mockedAuthentication.getUserAuthentication()).thenReturn(userAuthentication);
    Set<String> scopes = new HashSet<String>();
    if (scopePathTypes != null) {
        for (ScopePathType scopePathType : scopePathTypes) {
            scopes.add(scopePathType.value());
        }
    }
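    // Build an already-approved OAuth2Request for the given client and scopes
    OAuth2Request authorizationRequest = new OAuth2Request(
            Collections.<String, String>emptyMap(),        // requestParameters
            clientId,                                       // clientId
            Collections.<GrantedAuthority>emptyList(),      // authorities
            true,                                           // approved
            scopes,                                         // scope
            Collections.<String>emptySet(),                 // resourceIds
            null,                                           // redirectUri
            Collections.<String>emptySet(),                 // responseTypes
            Collections.<String, Serializable>emptyMap());  // extensionProperties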
    when(mockedAuthentication.getOAuth2Request()).thenReturn(authorizationRequest);
    when(mockedAuthentication.isAuthenticated()).thenReturn(true);
}
Also used : SecurityContextImpl(org.springframework.security.core.context.SecurityContextImpl) OAuth2Request(org.springframework.security.oauth2.provider.OAuth2Request) ScopePathType(org.orcid.jaxb.model.message.ScopePathType) OrcidOAuth2Authentication(org.orcid.core.oauth.OrcidOAuth2Authentication) Authentication(org.springframework.security.core.Authentication) ProfileEntity(org.orcid.persistence.jpa.entities.ProfileEntity) HashSet(java.util.HashSet)
